Easily implement multifunctional login / logout with Python / Flask using Auth0 https://blanktar.jp/blog/2017/11/python-flask-auth0.html
Part of the code in the article above did not work, so I fixed it; the corrected callback handler follows.
from jwt.algorithms import RSAAlgorithm
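@app.route('/callback')
def auth_callback():
    """Handle the Auth0 redirect: verify the ID token, then start a session.

    Returns a ``(body, 403)`` tuple when Auth0 sent no response or the ID
    token cannot be verified, otherwise a redirect to the ``mypage`` view.
    """
    # Get the information given by Auth0.
    resp = auth0.authorized_response()
    if resp is None:
        return 'nothing data', 403

    try:
        id_token = resp['id_token']

        # The header is read *unverified* only to learn which key signed the
        # token; nothing else in it is trusted. The signing algorithm is
        # pinned below rather than taken from the header.
        kid = jwt.get_unverified_header(id_token).get('kid')
        if not kid:
            raise ValueError('ID token header carries no kid')

        # Get the public keys needed to check the signature. The URL is built
        # from our own configuration, never from anything inside the token.
        # NOTE: this is fetched on every login; cache it if that is too slow.
        jwks_url = "https://" + AUTH0_DOMAIN + "/.well-known/jwks.json"
        with urllib.request.urlopen(jwks_url, timeout=10) as jwks_resp:
            jwks = json.loads(jwks_resp.read())

        # Pick the key whose kid matches the token instead of blindly using
        # keys[0]: the JWKS can list several keys (e.g. around key rotation),
        # and the first one is not necessarily the one that signed this token.
        signing_jwk = next(
            (key for key in jwks['keys'] if key.get('kid') == kid), None)
        if signing_jwk is None:
            raise ValueError('no JWKS key matches the token kid')

        # Decode the JWT and verify it: signature, expiry, audience (this
        # application's client id) and issuer (this Auth0 tenant; note the
        # trailing slash). `algorithms` is a list so the accepted algorithm
        # is matched exactly.
        payload = jwt.decode(
            id_token,
            RSAAlgorithm.from_jwk(json.dumps(signing_jwk)),
            audience=AUTH0_CLIENT_ID,
            issuer="https://" + AUTH0_DOMAIN + "/",
            algorithms=['RS256'],
        )
    except Exception as e:
        # Any failure here (missing id_token, JWKS fetch error, bad signature,
        # wrong audience/issuer, expired token) means the login is rejected.
        # The detail goes to the server log only, not to the client.
        print(e)
        return 'something wrong', 403

    # Save user data using the Flask session. With Flask's default session
    # this is a signed, client-side cookie: the user can read it but not
    # alter it, so keep secrets out of it and keep SECRET_KEY private.
    flask.session['profile'] = {
        'id': payload['sub'],
        # name/picture are optional claims; do not fail the login without them.
        'name': payload.get('name'),
        'picture': payload.get('picture'),
    }

    # Skip to my page.
    return flask.redirect(flask.url_for('mypage'))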